Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

#Use this template to capture proposal for a new Incubator Activity - delete this line after using the template#


Participants

Panel
titleProposers


#Enter the persons who are submitter of the Activity - delete this line after using the template#
NameOrganisation
Slávek Licehammer & Pavel BřoušekCESNET



#Enter the persons who are participating in the that works on this Activity - delete this line after using the template#
Panel
titleGN4-3 project team
team


NameOrganisationRole
Jan PavlíčekCESNETDeveloper, TIM student
Pavel BřoušekCESNETMentor



Panel
titleStakeholders


#Enter the persons who are internal projects or external stakeholders of this Activity - delete this line after using the template#

Name

Organisation

Role 
Slávek LicehammerCESNETStakeholder


Activity overview

Panel
titleDescription

#Please describe the high-level goal of the incubator Activity, provide an overview of the anticipated work and needed resources and skills. Please also describe how commitment from various partners is warranted. - delete this line after using the template#

<Enter here>The primary goal of the Authentication and Authorization Infrastructure (AAI) is to provide centralized authentication and authorization mechanisms. In an environment based on the AAI, one of such authorization rules might be fulfilling the policy requirements, set i.e. in an AUP document defined by the community, service provider, or organizational unit. In general, when the resource owner or provider decides that a specific policy has to be enforced when the resource is used, AAI needs to provide a mechanism for both sides to manage and fulfill this requirement. These rules need to cover several cases, i.e. a situation of actively using the resource (i.e. web-based service login), as well as just-in-case scenarios, like the data provisioning.


Panel
titleActivity goals

#Please describe the goals of Activity, including what needs to be delivered, participants, the community(ies) that require a solution. Describe when the Activity is done and how to measure the success of it, in a SMART way. - delete this line after using the template#

<Enter here>

This topic aims to explore the area of enforcing acceptance of Acceptable Use Policies as an activity of managing access to resources. We like to understand which parties (e.g. user communities, e-infrastructures, resource owners, …) need to be involved in the process and how to combine their requirements together. Based on the analysis we will develop a web-based application which will provide tools to manage AUPs on a central level (within the AAI) and let users approve (whilst recording this act) such a policy document.

Activity Details

Panel
titleTechnical details

#Please describe the technical details for the Activity. - delete this line after using the template#

<Enter here>The outcome should be a web application consisting of several modules. The first part will provide tools for resource owners to define the policies. The second module will serve users for approving the policy requirements. Another module will act as an integration point of this component into the AAI environment, i.e. by providing an API to query whether the policy authorization requirements have been satisfied.


Panel
titleBusiness case

From the resource owner's point of view, they need to have tools to set up policy enforcement. On the other end of the process, a user using the resource needs to be able to mark the fulfillment of such a requirement, i.e. by making a claim of accepting the AUP document contents and promising to follow the rules described in the document.


Panel
titleRisks
  • application is not finished in time
  • application cannot be integrated with a popular identity management system

#What is the business case for the Activity? Who would be beneficiaries of the results of the Activity and what would potential business case look like if applicable? - delete this line after using the template#

<Enter here>

Panel
titleRisks

#Are there risks that influence either the implementation of the activity or its outcomes? - delete this line after using the template#

<Enter here>


Panel
titleData protection & Privacy

#How do data protection and privacy impact the Activity? Think about e.g. handling of personal data of users - delete this line after using the template#

<Enter here>There is almost no user data directly handled by the application. Authentication will be abstracted by OIDC, only user identifier (OIDC sub claim) will be handled.


Panel
titleDefinition of Done (DoD)
  • web app allows management (creation and editing) of AUP texts
  • API provides a way to retrieve and approve AUPs
  • user- or admin-facing parts are internationalized
  • app is integrated with at least one identity management system

#Please describe here the set of criteria that the product must meet in order to be considered finished. - delete this line after using the template#

<Enter here>


Panel
titleSustainability

#How are the results of the Activity intended to be used? If this requires further engagement, can you describe how you intent to sustain it? - delete this line after using the template#

<Enter here>

The final product will be tested as a part of the Life Sciences AAI (LS AAI), utilising the Proxy Identity Provider (SaToSa) and the Identity Management System (Perun) as the integration points.

Activity Results

Panel
titleResults
#Please provide pointers to completed and intermediary results of this activity - delete this line after using the template#

Meetings

Date

Activity

Owner

Minutes

January 1, 2017July 20, 2022

Kickoff meeting

Documents

...

Niels van Dijk
October 25, 2022Public demoNiels van Dijk
December 15, 2022Final demoNiels van Dijk